Verify the computer is joined to Active Directory

To verify a computer is joined to the Active Directory domain and is retrieving information from Active Directory by running commands on the UNIX computer:

  1. Log on to the UNIX computer.
  2. Type the following command to retrieve information about the computer’s connection to Active Directory:

    adinfo

    This command returns basic information such as the host name for the computer, whether the computer is joined to the domain, and whether the computer is currently connected to Active Directory. For example:

    Local host name:   magnolia
    Joined to domain: ajax.org
    Joined as: magnolia.ajax.org
    Current DC: ginger.ajax.org
    Preferred site: Default-First-Site-Name
    Zone: ajax.org/Centrify/Zones/default
    Last password set: 2017-12-21 11:37:22 PST
    CentrifyDC mode: connected

    For more detailed information about the environment, you can use --diag or other options with the command. For information about the options available and the information displayed for each option, see the adinfo man page.

  3. Type the following command to verify that the adclient process is running:

    ps -aef|grep adclient

    The command should return output similar to the following:

    root   1585  1  0 14:50 ?   00:00:29 adclient 
  4. Type the following command to confirm that lookup requests use the information in Active Directory:

    getent passwd

    The command should list all of the Active Directory user accounts that are members of the zone and all local user accounts in the
    /etc/passwd file format. For example:

    ben:x:601:100:Ben Waters:/home/ben:/bin/bash
    ashish:x:501:100:Ashish Menendez:/home/ashish:/bin/bash
    sunni:x:900:100:Sunni Ashton:/home/sunni:/bin/bash
    jolie:x:502:100:Jolie Ames:/home/jolie:/bin/bash
    pierre:x:1001:100:Pierre Leroy:/home/pierre:/bin/bash
  5. Review the contents of the /var/log/messages file and look for messages that indicate authentication problems or failures.